Grimmauld/grimm-nix-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

misc updates

Browse source
This commit is contained in:
Grimmauld 2024-05-08 20:23:42 +02:00
parent d378dc39d9
commit d136aa65c5
6 changed files with 46 additions and 33 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
authorizedKeys.nix
View file

@ -3,4 +3,5 @@
[
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCy7X5ByG4/9y2XkQSnXcpMGnV5WPGUd+B6FaYCDNmPQ7xIZEteS+kCpu9oiMP6C/H/FT+i9DZvCflkzgdFAyujYLKRYaZbZ3K6F60qN0rkJ0z/ZO5c6rqwIwR6BEoB7dq5inkyH9fZ8/SI+PXxELmeWF9ehT7kkQC+o9Ujpcjd7ZuZllbAz4UQZFRbbpwdVJCEDenu9/63yuYbvMupgGk0edaTiFT0Q9MSzs/3pNP8xlAxmmZ3HzSjeF7gUzBF7CaIroTeguiUjSVybUEx48P8fy878t7dUZf4anEno9MS0B3aqfZvCKuuPdAUdeBfCbFHRqN7GuCylFIXGPe95Mxl grimmauld@grimmauld-nixos"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClLZhya2A7SoRSX2DNNM6OWgnGhtOFUor/WdyY59L0l6u5tEo9VyX5bCR84eo+uN4jyahSiGD1WC3RGIoNtHuSkKPxr0rqQhlbuyxraHGj7hOLhcGWRd2eIdsntbma7uPsn4zC0skKjpVNR7PU4LfSxti0gBhgq6uQhMtlfywwJshmwt55q7oT/zC449Uz2vyviy7sQ53R9YoOWEjB/+vU8jHxGlqLatXhOGKlBtrQxKm8PZ6jBYxAC6sGA4APIHWC3KC0S0X7wlmi42Dx9bbBm0rUjy095vRZ22fkE8x9OSTKDY/vFTLw5vwVMa8dACfA1Kc0+EpgOK77lZddeTvD grimmauld.de"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJhM1Fk5ix4OZAdlfCxL891KxeEKpyIFrP5yYkC9mg7E grimmauld@grimmauld-nixos"
]

60
flake.lock
View file

@ -8,11 +8,11 @@
"systems": "systems"
},
"locked": {
"lastModified": 1703433843,
"narHash": "sha256-nmtA4KqFboWxxoOAA6Y1okHbZh+HsXaMPFkYHsoDRDw=",
"lastModified": 1715101957,
"narHash": "sha256-fs5uVQFTfgb4L9pnhldeyTHNcYwn1U4nKYoCBJ6W3W4=",
"owner": "ryantm",
"repo": "agenix",
"rev": "417caa847f9383e111d1397039c9d4337d024bf0",
"rev": "07479c2e7396acaaaac5925483498154034ea80a",
"type": "github"
},
"original": {
@ -122,14 +122,14 @@
},
"nixos-matrix-modules": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1701507532,
"narHash": "sha256-Zzv8OFB7iilzDGe6z2t/j8qRtR23TN3N8LssGsvRWEA=",
"lastModified": 1710311999,
"narHash": "sha256-s0pT1NyrMgeolUojXXcnXQDymN7m80GTF7itCv0ZH20=",
"ref": "refs/heads/master",
"rev": "046194cdadc50d81255a9c57789381ed1153e2b1",
"revCount": 56,
"rev": "6c9b67974b839740e2a738958512c7a704481157",
"revCount": 63,
"submodules": true,
"type": "git",
"url": "https://github.com/dali99/nixos-matrix-modules"
@ -186,28 +186,13 @@
"type": "indirect"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1673743903,
"narHash": "sha256-sloY6KYyVOozJ1CkbgJPpZ99TKIjIvM+04V48C04sMQ=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "7555e2dfcbac1533f047021f1744ac8871150f9f",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1706826059,
"narHash": "sha256-N69Oab+cbt3flLvYv8fYnEHlBsWwdKciNZHUbynVEOA=",
"lastModified": 1714971268,
"narHash": "sha256-IKwMSwHj9+ec660l+I4tki/1NRoeGpyA2GdtdYpAgEw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "25e3d4c0d3591c99929b1ec07883177f6ea70c9d",
"rev": "27c13997bf450a01219899f5a83bd6ffbfc70d3c",
"type": "github"
},
"original": {
@ -234,11 +219,26 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1706732774,
"narHash": "sha256-hqJlyJk4MRpcItGYMF+3uHe8HvxNETWvlGtLuVpqLU0=",
"lastModified": 1706098335,
"narHash": "sha256-r3dWjT8P9/Ah5m5ul4WqIWD8muj5F+/gbCdjiNVBKmU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b8b232ae7b8b144397fdb12d20f592e5e7c1a64d",
"rev": "a77ab169a83a4175169d78684ddd2e54486ac651",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-23.11",
"type": "indirect"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1714906307,
"narHash": "sha256-UlRZtrCnhPFSJlDQE7M0eyhgvuuHBTe1eJ9N9AQlJQ0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "25865a40d14b3f9cf19f19b924e2ab4069b09588",
"type": "github"
},
"original": {
@ -253,7 +253,7 @@
"agenix": "agenix",
"nixos-mailserver": "nixos-mailserver",
"nixos-matrix-modules": "nixos-matrix-modules",
"nixpkgs": "nixpkgs_3",
"nixpkgs": "nixpkgs_4",
"nixpkgs-stable": "nixpkgs-stable"
}
},

2
flake.nix
View file

@ -41,7 +41,7 @@
./modules/email.nix
./modules/discord-matrix-bridge.nix
./modules/mastodon.nix
./modules/folding.nix
# ./modules/folding.nix
./modules/toolchains.nix
# ./modules/ptero.nix
agenix.nixosModules.default

13
modules/gitea.nix
View file

@ -3,6 +3,7 @@ let
root_host = "grimmauld.de";
gitea_host = "git.${root_host}";
gitea_port = 8081;
gitea_ssh_port = 2222;
in {
services.gitea = {
enable = true;
@ -11,14 +12,24 @@ in {
server = {
HTTP_PORT = gitea_port;
ROOT_URL = "https://${gitea_host}/";
DISABLE_SSH = true;
DISABLE_SSH = false;
SSH_DOMAIN = root_host;
START_SSH_SERVER = true;
BUILTIN_SSH_SERVER_USER = "git";
SSH_PORT = gitea_ssh_port;
# SSH_LISTEN_HOST="::"; # fixme?
# SSH_AUTHORIZED_PRINCIPALS_ALLOW="username";
};
# log.LEVEL = "Debug";
"ssh.minimum_key_sizes".RSA = 2048;
"git.timeout".MIGRATE = 6000;
};
lfs.enable = true;
};
security.acme.certs."${root_host}".extraDomainNames = [ gitea_host];
networking.firewall.allowedTCPPorts = [ gitea_ssh_port ];
services.nginx = {
enable = true;

2
modules/puffer.nix
View file

@ -38,7 +38,7 @@ in {
};
security.acme.certs."${root_host}".extraDomainNames = [ puffer_host tlemap_host ];
networking.firewall.allowedTCPPorts = [ puffer_sftp_port 25565 25566 25567 25568];
networking.firewall.allowedTCPPorts = [ puffer_sftp_port 25565 25566 25567 25568 7270 ];
# virtualisation.podman.enable = true;
virtualisation.docker.enable = true;

1
modules/toolchains.nix
View file

@ -6,6 +6,7 @@ in {
(writeShellScriptBin "systemd-owner" "systemctl show -pUser,UID $@")
(writeShellScriptBin "nix-referrers" "nix-store --query --referrers $@")
mkpasswd
node2nix
];
programs.git = {